/** * OIDC Discovery document structure * Based on OpenID Connect Discovery 1.0 specification */ export interface OIDCDiscoveryDocument { issuer: string; authorization_endpoint?: string; token_endpoint: string; userinfo_endpoint?: string; jwks_uri?: string; registration_endpoint?: string; scopes_supported?: string[]; response_types_supported?: string[]; grant_types_supported?: string[]; subject_types_supported?: string[]; id_token_signing_alg_values_supported?: string[]; token_endpoint_auth_methods_supported?: string[]; revocation_endpoint?: string; introspection_endpoint?: string; device_authorization_endpoint?: string; } /** * Fetches the OIDC discovery document from an IdP * * @param idpDomain - The IdP domain (e.g., 'your-tenant.auth0.com' or 'accounts.google.com') * @returns The OIDC discovery document * @throws Error if the discovery document cannot be fetched */ export declare function fetchOIDCDiscoveryDocument(idpDomain: string): Promise; /** * Gets the token endpoint from the IdP's discovery document */ export declare function getTokenEndpoint(idpDomain: string): Promise; /** * Gets the device authorization endpoint from the IdP's discovery document * @throws Error if the IdP doesn't support device authorization */ export declare function getDeviceAuthorizationEndpoint(idpDomain: string): Promise; /** * Gets the revocation endpoint from the IdP's discovery document * @returns The revocation endpoint, or null if not supported */ export declare function getRevocationEndpoint(idpDomain: string): Promise; /** * Checks if the IdP supports a specific grant type */ export declare function supportsGrantType(idpDomain: string, grantType: string): Promise; /** * Clears the discovery cache (useful for testing or when IdP config changes) */ export declare function clearDiscoveryCache(): void;